Sort of Fair Processing Notice

Walking through Huddersfield the other day I caught this interesting example of a fair processing notice. It was a bus shelter. The actual notice was well above the normal range of vision. (Which reminds me of an old joke. What lies on its back eight feet up in the air.  Answer later.)

But how fair is this sign? Is it a fair processing notice informing data subjects that they might be being filmed? It has the magic acronym CCTV so there’s definitely a possibility that filming is taking place. But the other words seem to confuse the issue.

Anti-social behaviour is a crime. We’re not going to disagree with that are we? but it’s a statement of fact not really what’s needed on an FPN. You might as well say that Chelsea won the Champion’s League this year.

Plain Clothes Police Officers.  So how do we know they are Police Officers? Do they wear a carnation in their lapel or are they really operating covertly? This phrase means that everyone on the streets may be a police officer. Is this fair? Or if covert operations are being undertaken why do we say that plain clothes police officers are in place. Isn’t covert er… wait for it… covert? Does RIPA ring a bell?

Or CCTV in use.  Whoa let’s take a rain check.  Either it is in use or it isn’t. If it is you put up signs saying who’s doing it, why and contact details. If it’s not you don’t. Or maybe it’s secret filming. Donnnngggg. (That’s an alliteration denoting the tolling of the RIPA bell)

Finally your behaviour could be under observation. Back to the previous paragraph. Either it is or it isn’t. If it is for general crime prevention purposes then put up signs. If it’s a covert operation pre-authorise it through your SPOC and don’t bother with signs.

And to finish off 7 (count them) individual organisations contributed to this sort of fair processing notice including some very well known ones. So 7 data protection persons gave their opinion on the poster. No-one thought it was a bit naff.   Or maybe they didn’t ask the DP persons.

Take care in Huddersfield. They might be filming you (or not). Anyone at all could be a police officer. And Chelsea won the Champions League.

Ah yes the answer to the question.

What lies on its back eight feet up in the air. A dead spider.

FOI Update Podcast (May 2012)

In this episode Ibrahim discusses FOI developments and decisions from the first quarter of 2012 including those concerning:

  • When deleted information is held
  • Private emails and text messages
  • Vexatious requests
  • Employment Tribunal statistics
  • Section 30
  • Social work records of the deceased
  • Senior officers interests
  • Job application information
  • Tender pricing Information

There is also a quick review of recent developments in the world of transparency and FOI.

We have a few places left on our upcoming ISEB courses in London and Manchester.

ISEB CERTIFICATE IN DP

  • London: starting 12th June
  • Manchester: starting 14th June
ISEB CERTIFICATE IN FOI

  • London: starting 19th June
  • Manchester: starting 21st June

We also have a NEW workshop – PRACTICAL FOI (with @foiman)

FOI Man in Training

We are pleased to announce that Paul Gibbons, aka FOI Man, is doing two workshops for us on Practical FOI: How to Make FOI Work in Your Organisation”. Paul is a very experienced FOI Officer currently working in the university sector. Before that he spent many years as a records manager in both the private and public sectors.Paul runs the very popular FOI Man Blog and tweets as @FoIManUK.

This is what he says about his new Practical FOI Course for Act Now Training:

“One or two of you may have noticed that I’m branching out. Act Now Training have kindly asked me to develop and run a training course on Practical FOI.

Now I know there are lots of training courses on FOI out there, so what’s special about this course?

Well, as the name suggests, this isn’t about complicated legal arguments on the application of exemptions. This is about what you actually need to do if you’re an FOI Officer – especially if you’re new to the job.

You can find other courses that will cover one aspect of being an FOI Officer, but Practical FOI goes over the basics of everything that you’ll need to do.

We’ll be looking at ways to raise awareness amongst colleagues. Discussing the best methods for logging FOI requests. Picking out what you really need to do to improve your organisation’s records management.

We’ll talk about how to deal with colleagues who don’t want to answer FOI requests. And what procedures you need in place to manage complaints.

I look forward to helping you work out how to make FOI work in practice.”

Practical FOI is running in Manchester and London. Book Now to avoid disappointment.

Do You Want To Be Certified?

If you’re thinking about studying for the ISEB Certificate in Data Protection  or Freedom of Information to enhance your career prospects, there are a few things you should consider.

It’s the only externally examined qualification in the sector specifically targeted at current and potential DP and FOI practitioners (although there is a company that has created its own qualification which isn’t accredited by ISEB). Some organisations, when recruiting for an information governance vacancy, ask for candidates who have the ISEB Certificate. Others list it as a desirable qualification.

So what do you look for in a training provider? 

First of all is it accredited by ISEB?  This is a process that takes time and costs money. Every provider has had their company examined; their course director examined, their tutors examined and the course material scrutinised by experts. So choose an accredited provider – there are a few to choose from and you can find them on the ISEB website.

Next check out each provider’s website. Here are a few indicators that will give you some idea of their quality.

People 

You need to know who is going to teach the course. Are trainers better than lawyers? Is it a name you know who has worked in the field, who contributes to bulletin boards, who speaks at conferences, who is active in the DP/FOI community? Is it a trainer or a legally qualified person? There are trainers who are also legally trained but  they are rare. However in our extensive career in the sector we have been delegates on courses where very highly qualified legal people (barristers no less) have failed miserably to get across simple concepts because they couldn’t descend from their ivory towers.

While we’re on the subject some training providers don’t tell you who will be teaching the course. Some say “qualified lawyers” (are there any other type of lawyers?) Some don’t say even when you ask them. One declined to tell our researcher on the grounds of (are you ready for this…) Data Protection!

Training Methods

It’s not just  “here’s a booklet – read it” nor is it “watch these 500 PowerPoint slides”. You should expect to see a breakdown of what each day involves; whether it’s exercises, case studies, role play, videos, online sessions; quizzes; sample questions; homework, mock exams with tutor feedback. One training provider describes its teaching method as “Course” – that’s it, just one word!

Mock Exam

Many ISEB candidates last did an exam before the age of the Internet. Many have never used a pen to write for half an hour continuously let alone three hours.  We think it is crucial that candidates sit a full mock exam before the final exam. This allows candidates to hone their exam technique and expose any gaps in their revision.

Pass Rates

Look for them (ask for them). Some will go on at length about how they are the best but the basic pass rate should tell you a lot. The ISEB pass rate for DP is about 68%. FOI is a little higher. Your training provider should tell you how well their candidates  do. If they don’t then ask yourself why they don’t. Maybe they’re new; maybe they don’t get many delegates through.

Testimonials

There’s a law not dissimilar to Murphy’s Law, which we haven’t quite tied down that says something like… “There’s nosuch thing as a poor testimonial.” It could be Finagle’s constant or Sods law but don’t put too much faith in glowing testimonials. Everyone gets good ones. Few get bad ones. No one publishes a bad one. If you really want to know what an ISEB course was like ask someone who has done one with the same training provider. If you don’t know anyone, ask the provider for details of a previous candidate from your sector who does not mind giving a reference.

Price

You get what you pay for; the cheapest may not be the best. You may save a couple of hundred pounds on a course by going for a cheap provider. But the quality and content of the course may mean that you end up failing and spending more on a resit.

Conclusion

Pick a training provider who knows what they’re doing, with experienced well known speakers, who give you all the information you need to know on their website to take the course and who has a good pass rate.

Finally

ISEB has been renamed BCS Professional Certification but I think we’ll still call it ISEB

For more on more on how to pass the ISEB exam see our earlier blog post  

 

Our next ISEB courses start in London and Manchester in June

For more Information on our website or email us.

Protection of Freedoms Act 2012

Protection of Freedoms Act 2012

 2012 CHAPTER 9

The Protection of Freedoms Act 2012 received Royal Assent on 1st May 2012. The Act contains a number of measures which, when brought into force, will have a major impact on public authorities especially councils. Amongst other things the Act:

Introduces a new code of practice for surveillance camera systems. This is in addition to the CCTV Code of Practice under the Data Protection Act 1998. There will also be a surveillance camera commissioner. Read our article on  the New CCTV Regime 

  • Extends the Freedom of Information Act by requiring datasets to be made available in a re-usable electronic format. Read our blog entry on how this can make you money. For details of an innovative use of a dataset click here
  • Provides for Magistrates’ approval of all surveillance activities by local authorities under RIPA. Read a full article on the changes.
  • Requires schools to obtain parents’ consent before processing children’s biometric information
  • Restrict the scope of the ‘vetting and barring’ scheme for protecting vulnerable groups and makes changes to the system of criminal records checks. Read our article

Ibrahim Hasan is doing a special online training session  on the new Act in June and July.

The Act will also:

  • bring in a new framework for police retention of fingerprints and DNA data
  • provide for a code of practice to cover officials’ powers of entry, with these powers being subject to review and repeal
  • outlaw wheel-clamping on private land
  • introduce a new regime for police stops and searches under the Terrorism Act 2000 and reduces the maximum pre-charge detention period under that Act from 28 to 14 days
  • enable those with convictions for consensual sexual relations between men aged 16 or over (which have since been decriminalised) to apply to have them disregarded

All our information and surveillance law courses will be updated to take account of the new Act. If you would like customised in house training on any aspects of the Act, please get in touch.

FearSquare : A Dataset to be Feared?

A recently launched mobile phone application provides a useful insight into what could be possible if public authority datasets are fully exploited.

Many datasets are routinely published  by public authorities and are available for re use at little or no cost. Others can be accessed by making a request under the Freedom of Information Act 2000 (FOI). The Protection of Freedoms Act 2012 , which received Royal Assent on 1st May 2011, will make access and re use of datasets much easier. Once the Act is brought into force, amongst other things, it will amend FOI so that in the future public authorities will have greater obligations in relation to the release and publication of datasets. The key points are:

  • There will be a new duty on public authorities, when releasing datasets, to adhere to any request to do so in electronic form which allows its re-use where reasonably practicable.
  • Any dataset containing copyright material (where the authority holds the copyright) must be made available for re-use under a specified licence.
  • Publication schemes will in future contain a requirement to publish datasets, which have been requested, as well as any updated versions.
  • Such datasets will also have to be published in an electronic form capable of re use and any copyright material must be available for re use in accordance with the terms of a specified licence.

On the face of it, these obligations seem onerous. However they may also bring an opportunity for public authorities to raise some much needed revenue. They will be able to charge a fee (and make a profit) for allowing re use of any datasets containing copyright material (Read Ibrahim Hasan’s detailed article on the dataset provisions).

Once datasets are released, the idea is that clever people out there will think of innovative uses for them. This may involve a “mash up” with other data. One example is Fearsquare. Its website states:

“FearSquare is an application which allows FourSquare** users in the UK to easily see the official crime statistics for the places where you ‘check-in’. The intention is to give you a uniquely individual look at the levels and types of crimes you are exposed to in your daily life.”

** If you are not “cool” and “with it” like me, go to the end of this blog post for a brief explanation of Foursquare.

Foursquare knows all the locations that a user visits most often. These may be areas with high levels of recorded crime or are known for specific types of crime. For example, a user may be contemplating walking in an unfamiliar area where there have been a lot of muggings. FearSquare aims to keep the user updated on their surroundings and the levels and types of crimes recorded nearby. After all, forewarned is forearmed!

Fearsquare takes its crime stats from the UK Police Crime Statistics database. It has a “leaderboard” of the most dangerous areas based on the crime reported. The leaderboard gives out points to the most crime-heavy areas based on the types of infractions that take place, be it robbery or weapons related crimes.The site also has a real-time ticker that displays check-ins that have unlocked crime statistics, which serves as another way of discovering places that a user should be weary of visiting alone.

Interestingly there is a “game” built into FearSquare. The bold and the brave are awarded points when they visit the most crime-ridden areas in the UK. I think I will stick to establishments offering Nectar Points!

Fearsquare is the brainchild of Lincoln Social Computing Research Centre(part of the University of Lincoln) and is part of a study looking at how this sort of personalised data could change user behaviour. It is a good example of an innovative use of an openly available dataset. Public authorities need to start work now on identifying useful datasets they hold and raising awareness amongst stakeholder departments as to how they could be exploited. This opportunity, which should not be left to the private sector alone, nor should it be the realm of those who are motivated by profit.

Now if Dorothy or Little Red Riding Hood had this app on their mobile phones, i wonder which route they would they have taken?

NB Foursquare is an application (very popular in the US, less so here) which allows users to use the location services on their mobile phone to electronically “check in” at various locations; from coffee shops, pubs and restaurants to supermarkets. More check ins mean prizes as well as the much-envied status of “mayor” of a certain location. See https://foursquare.com/about/ for more.

New Webinar– For more on this and other aspects of the Protection of Freedoms Act, join us on our one-hour online seminar: http://www.actnow.org.uk/courses/city_ONLINE

Book Review: Essential Law for Information Professionals by Paul Pedley (3rd edition @facetpublishing)

It is always difficult to write a guide for non lawyers on very complicated areas of law. The task is made more difficult by the fact that information law includes lots of different statutes and regulations including the Freedom of Information Act, the Data Protection, the Environmental Information Regulations (to name just a few). This book is a very good attempt at the task by a well qualified author. Paul Pedley is a visiting lecturer at City University and the author of two books on digital copyright. The first edition of this book appeared in 2003 and immediately established itself as a popular training and student text.

The third edition of this book aims to offer up-to-date and easy-to-follow practical advice on the law as it affects information management and the fundamental principles underlying practice.  New and up-to-date coverage includes:

• the Digital Economy Act 2010 and it’s implications for libraries
• the Open Government License and the re-use of public sector information
• patents and trademarks
• CILIP’s guidelines on user privacy in libraries
• the move to extend legal deposit to electronic content
• recent changes in libel law
• the Data Protection Act and new penalties for infringement
• digital content and platforms
• open access and social networking.

The chapters on copyright, data protection  and privacy are a good starting point for anyone wishing to understand these laws.  The Freedom of Information chapter covers both the law in Scotland (FOISA) as well as the rest of the UK. The section on publication and re use of datasets (as per the Protection of Freedoms Bill) relies heavily on an article in our May 2011 newsletter. This is now slightly out of data as the Bill has now become law and some changes to the dataset provisions were made during the passage of the Bill through Parliament. A more up to date explanation of the dataset provisions can be found in our previous blog post.

All in all I would recommend this book. Whilst it is primarily aimed at librarians, it is a good basic guide for those working in information governance. It provides a useful starting point for anyone who requires a “quick run through” the salient points before moving on to something more substantial. For this purpose the references at the end of each chapter will assist. Priced at £49 this book is a useful addition to any legal library.

To buy this book visit the Facet Publishing website.

%d bloggers like this: